Review on Splunk MINT by Jeff Grindley

The search tools are so powerful, it's hard to think about anything that you can't do there! I've been using Mint for years now as part of our security monitoring suite (we also use Threat Stack). It integrates very well w/ other products such as ZAP & OSSEC-Lite which is great because we're not limited by what version they support or how much licensing costs would be if those systems weren't in house anyway. We have some pretty complicated rulesets set up but no matter where our logs go - whether locally via cron jobs, remote syslogs from servers running various OSes etc., mint just knows when something happens, grabs all relevant data out of context, performs searches efficiently then presents us the results nicely formatted into dashboards!